iRule to send violation data to a remote end point

Nathan, I'm looking at your suggestion of a sideband connection. This is not something I am familiar with however after only a quick read about sideband connections, this looks like it could be what I am after. Thank you again. It is always greatly appreciated to have an active helpful community. Happy new year guys.

Hi Guys, Thanks for the comments. Unfortunately for the scenario at hand a pull data from the asm log won't give the solution I'm after.

I have setup an ICAP server to scan HTTP uploads when they come in. When a Virus is Detected I can block/alert and respond directly back to the client as per any other violation. What I want to do is send a message to an API only when a virus is detected. As a result, this would need to be done on the fly rather than retrospectively as pulling data from the request log would be. For the case of reporting, the pull request will be suitable.

Happy New Year mate.

Thanks Nathan, happy new year btw!

Hey Patrick. Yes, you could use REST to pull the details from the ASM event log. ASM and REST not fully compatible yet but this you should be able to do.

I'm a total newbie in regards to ASM, but I have to ask: Is there any way to pull the data instead Nathan?

/Patrik

The only thought I have on this is to use a sideband connection once a violation is triggered.